“It’s a double-edged sword,” says Bill Marczak, senior researcher at Citizen Lab, the watchdog for cybersecurity. “You’re going to keep a lot of the riffraff by making it harder to break iPhones. But the top 1% of hackers will find a way in, and once they’re inside, the iPhone’s impenetrable fortress protects them. “
Marczak has spent the past eight years hunting down these top hackers. His research includes the revolutionary 2016 “Million dollar dissident”Report that presented to the world Israeli hacking company NSO Group. And in December, he was the lead author of a report titled “The big iPwn, Detailing how the same hackers allegedly targeted dozens of Al Jazeera journalists.
He argues that while iPhone security tightens as Apple invests millions to raise the wall, the best hackers have their own millions to buy or develop clickless exploits that allow them to take control. iPhones invisibly. These allow attackers to burrow into tight areas of the phone without ever giving the target any indication that they have been compromised. And once they’re so deep inside, security becomes a barrier that prevents investigators from spotting or understanding harmful behavior – to the point where Marczak suspects they’ve missed all but a small fraction of the attacks because that they can’t see behind the curtain.
This means that even to know you are under attack, you may need to rely on luck or vague suspicion rather than clear evidence. Al Jazeera reporter Tamer Almisshal contacted Citizen Lab after receiving death threats about his work in January 2020, but Marczak’s team initially found no direct evidence of hacking on their iPhone. They persevered by looking indirectly at the phone’s internet traffic to see who it was whispering to, until finally, in July of last year, researchers saw the ping phone servers owned by NSO. This was solid evidence indicating a hack using the Israeli company’s software, but it did not reveal the hack itself.
Sometimes the locked system can overturn even more directly. When Apple released a new version of iOS last summer amid Marczak’s investigation, the phone’s new security features killed an unauthorized “jailbreak” tool that Citizen Lab was using to open the iPhone. The update excluded it from private areas of the phone, including a folder for new updates – which turned out to be exactly where the hackers were hiding.
Faced with these blockages, “we just raised our hands,” says Marczak. “We can’t get anything out of it – there’s just no way.”
Beyond the phone
Ryan Storz is a security engineer with Trail of Bits. He’s leading the development of iVerify, a rare Apple-approved security app that does its best to look inside iPhones while following the rules set in Cupertino. iVerify looks for iPhone security anomalies, such as unexplained file changes, the kind of indirect clues that can point to a deeper problem. Installing the app is a lot like putting travel threads in the castle that is the iPhone: if something doesn’t look like what you expect, you know a problem exists.
But like the systems used by Marczak and others, the app cannot directly observe unknown malware that breaks the rules, and it cannot read iPhone memory in the same way as apps on iPhone. security on other devices. The trigger wire is useful, but it’s not the same as a guard that can traverse every room in search of invaders.
Despite these difficulties, Storz says, modern computers are converging on the lockdown philosophy – and he thinks the compromise is worth it. “By locking down these items, you reduce the damage caused by malware and espionage,” he says.
This approach extends far beyond the iPhone. In a recent briefing with reporters, an Apple spokesperson described how the company’s Mac computers are increasingly adopting the iPhone’s security philosophy: its new laptops and desktops run on chips. Custom M1s that make them more powerful and secure, in part by locking up more and more. computer in the same way as mobile devices.
“IOS is incredibly secure. Apple saw the benefits and transferred them to the Mac a long time ago, and the M1 chip is a huge step in that direction, ”said Patrick Wardle, security researcher.